Urgent Flights

Security checks across malware telemetry and agentic risk

Overview

This flight-search skill has a coherent purpose, but it asks for broad local authority and stores raw travel requests in a way users should review before installing.

Install only if you are comfortable with a local agent running the flyai CLI, sending travel search details to that provider, and potentially writing raw request logs locally. Avoid sudo or global installation where possible, use an isolated environment, and delete or disable .flyai-execution-log.json if you do not want travel details retained.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (3)

Intent-Code Divergence

Low

Confidence: 93% confidence
Finding: The fallback logic is internally contradictory: it says not to search for a passed date, then immediately instructs an automatic search for tomorrow. In a travel-booking context, silently changing the user's requested date can cause unauthorized or incorrect itinerary results, and may lead to booking mistakes or user harm in urgent travel scenarios.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The description advertises a narrow urgent-flights function but then adds a broad catch-all claim ('and more'), expanding the apparent capability boundary beyond what the activation guidance defines. In agent ecosystems, this can cause over-triggering, ambiguous routing, and invocation for unrelated high-risk travel tasks such as booking or insurance flows without clear guardrails.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The runbook explicitly logs the raw user query and instructs the agent to append the full execution log to a local file if writes are available. In a travel-booking context, user queries can contain sensitive personal data such as names, travel dates, passport or visa details, locations, and emergency travel circumstances, so retaining them without minimization, consent, or retention controls creates a real privacy and data-exposure risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal